Buy Your Tickets for AI Council 2026!

2026 Talks

Feross Aboukhadijeh
Feross Aboukhadijeh
CEO | Socket

Go Back

The Agent Attack Surface: Why AI Is Breaking Software Security As We Know It

  • AI Security & Safety

For decades, software security has followed a simple mental model: developers write code, security teams review it, and vulnerabilities get patched one by one. AI agents are about to break that model entirely.

Agents don't just run code — they choose tools, write new code, and select dependencies throughout the development process, often without any human in the loop. They lack the context to make safe decisions about what they're pulling in: whether a package is malicious, maintained, or a typosquat of something legitimate. The software supply chain becomes dramatically harder to reason about when the software itself is deciding what to include.

At the same time, AI is supercharging vulnerability discovery, finding hundreds of new flaws at a pace the current model can't absorb. Putting the burden on individual developers is no longer acceptable.

We'll discuss what a new security model looks like — one that operates at the ecosystem level and responds automatically to emerging threats.

Feross Aboukhadijeh

CEO

Feross Aboukhadijeh

Socket

Feross is the founder and CEO at Socket, a developer-first security platform. Feross has worked in open source software for 10+ years writing some of the most-downloaded JavaScript packages. Feross is a lecturer at Stanford where he teaches CS 253 Web Security. Socket makes a developer-first security platform that prevents vulnerable and malicious open source dependencies from infiltrating your software supply chain. Thousands of organizations in every industry use Socket to safely discover, audit, and manage OSS at scale.

The AI Conference for Humans Who Ship

While other conferences theorize, AI Council features the engineers shipping tomorrow's breakthroughs today.

Subscribe for Updates